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METHOD FOR THE AUTOMATIC LOG-IN OF A SUBSCRIBER STATION 
SITUATED PARTICULARLY IN A MOTOR VEHICLE IN AN EXTERNAL 

INFORMATION SYSTEM 

BACKGROUND AND SUMMARY OF THE INVENTION 

[0001] The present application is a continuation of international patent 
application no. PCT/EP02/08965, filed 09 August 2002, designating the United 
States of America, the entire disclosure of which is incorporated herein by reference. 
Priority is claimed based on German patent application 101 39 888.3, filed 20 
August 2001. 

[0002] The present invention relates to a method for automatically logging in a 
subscriber station situated in an external information system, such as a motor 
vehicle. 

[0003] Although, in principle, the invention is applicable to any subscriber 
stations, it is explained herein with respect to a log-in of a subscriber station 
situated in a motor vehicle, via a radio communications network in an external 
server of the automobile manufacturer, also called a "portal". 

[0004] A log-in (sometimes also called log-on) is the process of starting a session 
of a subscriber in an information system or data processing system, including the 

- 1 - 



input of a subscriber identification and a password, as well as of the checking of an 
access authorization by the system (referred to as authentication). 

[0005] In a motor vehicle, it may be very inconvenient for a user to have to input 
his or her password each time, when starting a browser situated with the subscriber 
station contained in the motor vehicle. 

[0006] For subscriber identification, it is customary to present to the user a menu 
of valid subscriber identifications on a video screen, so that he or she can input the 
desired subscriber identification by pressing a button, without having to input the 
different characters that comprise the subscriber identification. This technique is 
particularly useful in a motor vehicle because input devices of the subscriber 
stations typically are not equipped with a keyboard, but only a joystick or a rocker, 
with relatively few direct functions. 

[0007] As a rule, security is impaired by an automatic log-in. However, in a motor 
vehicle, this concern is not as critical as in a publicly accessible system because, in 
order to enter the motor vehicle the user must first pass through a security system 
which is normally equipped with a key code. To this extent, access to the motor 
vehicle is limited, and the security requirements regarding access to the vehicle are 
greater than those applicable to access to the browser, because the vehicle itself has 
a very high value. Thus, in principle, an automatic log-in can be tolerated for a 
subscriber station situated in a motor vehicle. 



[0008] One object of the present invention is therefore to provide a method for 
automatic log-in of a vehicle borne subscriber station into an external information 
system, which method is easily implemented, and at the same time offers at least 
a certain minimum degree of security. * 

[0009] This and objects and advantages are achieved by the log-in method 
according to the invention, in which, after a corresponding activation of the system, 
an automatic log-in of the subscriber station in the external information system can 
be carried out by transmitting only the subscriber identification and a closed code, 
but without a password. 

[0010] According to a preferred further embodiment of the invention, to activate 
an automatic log-in, a non-automatic log-in of the subscriber station into the 
external information system is performed while the subscriber identification , the 
pertaining pass words and the station identification are transmitted to the external 
information system. The access request is transmitted in the logged-in condition. 

[001 1] According to a further embodiment of the invention, the subscriber station 
is situated in a motor vehicle and communicates with the external information 
system by way of a radio communications network. 

[0012] According to another embodiment, the station identification contains a 
vehicle-specific parameter, particularly a vehicle identification number. 



[0013] According to another embodiment, only a single code is established for each 
station identification. 

[0014] According to still another embodiment, during the activating of the 
automatic log-in in the external information system, a subscriber list is entered, 
containing the corresponding subscriber identification with the station identification 
and the pertaining code for the automatic log-in. 

[0015] According to a further embodiment, the external information system has 
a list with admissible subscriber identifications for a respective station 
identification. 

[0016] According to a further embodiment, in the case of a log-in request of the 
subscriber station, the external information system transmits the list with the 
admissible subscriber identifications, the list being visually indicated at the 
subscriber station. 

[0017] According to another embodiment, a cancel request for the subscriber 
identification is provided which deactivates the automatic log-in for the respectively 
used subscriber station. 

[0018] According to yet another embodiment, a cancel request for the subscriber 
identification is provided which deactivates the automatic log-in for each subscriber 
station. 



[0019] According to still another embodiment, the secret code has a succession of 
a plurality of characters which are defined in a predetermined value range. 

[0020] In a further embodiment of the invention, the secret code is generated by 
a random process in the external information system. 

[0021] In yet a further embodiment, in the event of an attempt of an automatic 
log-in with the transmission of the subscriber identification without the password, 
the station identification and the hidden transmission of a false code to the external 
information system, the automatic log-in is deactivated for each subscriber station. 

[0022] Other objects, advantages and novel features of the present invention will 
become apparent from the following detailed description of the invention when 
considered in conjunction with the accompanying drawings. 

BRIEF DESCRIPTION OF THE DRAWINGS 

[0023] Figure 1 is a schematic view of a system in which the method for an 
automatic log-in according to the invention can be used; 

[0024] Figure 2 is a more detailed view of a subscriber list that is stored in the 
external information system in an embodiment of the method according to the 
invention; 
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[0025] Figures 3A and 3B illustrate the process steps for activating automatic log- 
in according to the invention; and 

[0026] Figure 4 shows the process steps for an automatic log-in, after automatic 
log-in has been activated. 

DETAILED DESCRIPTION OF THE DRAWINGS 

[0027] Figure 1 is a schematic view of a system in which the method according to 
the invention for an automatic log-in can be used. Reference symbol A indicates a 
motor vehicle to which access is secured by a conventional key code system. A 
subscriber station Tl situated on the vehicle can be operated by the user of the 
motor vehicle by means of an operating device, such as a joystick or a rocker. The 
subscriber station Tl contains a browser which controls its operation and its 
external contacts. 

[0028] By means of the browser, the subscriber station Tl can contact an external 
information system P, for example, in the form of a server of the automobile 
manufacturer (also called a portal). Such contact can take place, for example, by 
a radio communications network N, such as the GSM radio communications 
network. 

[0029] In order to avoid an unauthorized excess to the external information 
system, the external information system P contains a subscriber list UL, which has 



corresponding authorization data and access data for all authorized subscribers. 
The authorization data specify, among other things, which specific functions a 
subscriber can carry out, and the access data specify the data that the browser must 
transmit to the subscriber station Tl, to' establish a connection at all. 

[0030] Figure 2 is a detailed view of the subscriber list UL stored in the external 
information system P. To simplify the explanation, only a portion of the subscriber 
list for the first three subscribers is shown in the present example. Users of the 
system are designated by consecutively assigned numbers UNR contained in the 
first column from the left; alternatively, the actual subscriber name or another 
provisional substitute may be used instead of the subscriber number. The second 
column UNA contains for each subscriber Ul, U2, U3, which the subscriber must 
transmit via the browser of the subscriber station Tl to the external information 
system PI, in order to access the latter. For a conventional non-automatic log-in, 
a corresponding password PW must also transmitted to the external information 
system P so that the access is opened up. This password PW is indicated in the 
third column from the left for the respective subscriber; here, as PI, P2, P3. 

[0031] The fourth column contains a so-called station identification VIN. In the 
present case, this station identification is a vehicle-specific parameter (specifically 
a vehicle identification number), which indicates to the external information system 
P the vehicle from which the corresponding subscriber wants to have access. For 
this purpose, during each log-in attempt, the parameter VIN is automatically 



transmitted from the subscriber station Tl via the browser to the external 
information system P, normally in a hidden manner; that is, without being 
displayed to the user of the subscriber station Tl. 

[0032] As illustrated in the corresponding column in Figure 2, several station 
identifications VIN can be assigned to a subscriber; for example, for a first vehicle, 
second vehicle, third vehicle, etc. Thus, in the present example, the user No. 1 has 
an access authorization for the vehicles with the station identifications VINl and 
VIN3; while User No. 2 has an access authorization only for the vehicle with the 
station identification VIN2; and User No. 3 has access authorizations for the 
vehicles with the position identifications VINl, VIN2 and VIN3. 

[0033] According to the invention, the right-hand column of the subscriber list UL, 
designated as named AUTO-L, indicates whether an automatic log-in is setup for 
the corresponding subscriber in the respective admissible vehicle, and also contains 
a secret code which, in the case of an automatic log-in, is to be transmitted in a 
hidden manner from the concerned vehicle to the external information system P, so 
that the automatic log-in is actually carried out. 

[0034] The significance of this special code, designated as VIN1-RN, VIN2-RN and 
VTN3-RN respectively, is that, even if the station identification VIN is falsified, 
unauthorized access to the external information system P is impossible because the 
secret code, which is to be transmitted in a hidden manner, is not known or cannot 
be determined. For this purpose, the secret code can be generated purely based on 



software and in a random manner and can be stored in memory regions which are 
not externally accessible. 

[0035] Figures 3A and 3B show a sequence of process steps for activating 
automatic log-in according to the present invention. The process steps Si to S14 are 
carried out at the subscriber station Tl (to the left) or at the external information 
system P (to the right). Respective connection arrows between the subscriber 
station Tl and the external information system P indicate messages that are 
exchanged between the two units via the radio communications network N. 

[0036] In a first step SI, the subscriber or user enters the motor vehicle A and 
switches on the subscriber station Tl, activating the browser installed thereon, for 
example, by activating the ignition lock or a special on/off switch. Subsequently, in 
a second step S2, the subscriber station Tl sends a first request Rl by way of the 
radio communications network N (here, the GSM network, which is activated 
simultaneously) to the external information system P. The request Rl contains an 
access data set AR containing, among other things, the station identification VTNl 
of the subscriber station Tl in the motor vehicle A, so that the external information 
system P can easily detect from where the request Rl is coming. 

[0037] In a third step S3, the external information system P checks whether valid 
subscribers are provided for the station identification VINl. In the present case, the 
subscribers with the subscriber identification Ul and U3 are provided for the station 
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identification VIN1, as indicated directly in the subscriber list according to Figure 
2. 

[0038] In a next step S4, the external information system P sends a response Al 
to the subscriber station Tl, including a so-called log-in page LIP, in which the 
admissible subscriber identifications U1,U3 are transmitted directly to the 
subscriber station Tl and offered there for the selection by the user on a display 
unit (not shown). 

[0039] In a further step S5, the user inputs by way of the input unit of the 
subscriber station Tl the desired subscriber identification, here Ul, together with 
the corresponding password Pl;and in a step S6, the subscriber station Tl sends 
this data set (optionally together with additional data) in a request R2 to the 
external information system. 

[0040] In a subsequent step S7, the external information system P checks whether 
the password Pi for the subscriber identification Ul is correct. If not so, the process 
is, for example, terminated or jumps back to step S4. Since, in the present case, the 
password PI is part of the subscriber identification Ul, in the subsequent step S8, 
the external information system P sends a dialog page D1AP in a second response 
A2 to the subscriber station Tl. 

[0041] Generally, the dialog page D1AP contains a fairly large number of input 
options or possibilities among which the user can select the option which seems 
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appropriate to him. In the present case, it will be assumed that the activation of an 
automatic log-in represents one of the options. 

[0042] In step S9, the user selects this option of activating the automatic log-in; 
and in step S10, a corresponding third request R3 with the corresponding 
parameter AUTO-L is sent to the external information system P. 

[0043] In the subsequent step Si 1, the external information system, in the column 
AUTO-L, generates the input (VINl, VINl-RN) illustrated in Figure 2 for the 
subscriber No. 1 in connection with the station identification VINl. As explained 
above, this input indicates that the automatic log-in is activated for this user and 
this station identification and simultaneously a random code VINl-RN is thereby 
generated which, as explained below, has to be transmitted together with a request 
for an automatic log-in by the concerned subscriber station, so that an automatic 
log-in can, in fact, be carried out. 

[0044] The code VINl-RN is a string of characters (for example, 10 to 20), which 
may be limited to a certain value range in order to increase security. For example, 
certain string values may be excluded from the start, or the string values may be 
limited to a certain size range. 

[0045] In the subsequent step Si 2, the external information system P sends the 
generated VINl-RN code in a hidden manner in the response A3 to the subscriber 
station Tl. In other words, the user of the subscriber station Tl is aware of neither 



the transmission of the secret code nor the value thereof. After the receipt of the 
secret VINl-RN code in the subscriber station Tl, the latter is stored in step S13 in 
an inaccessible memory region and is available there for future requests. 

[0046] In this context, it is possible to attach this code to any future request or 
only to special requests which have as their object, for example, an automatic log-in 
or a change of the log-in status. 

[0047] After a successful activation of the automatic log-in, the user of the 
subscriber station Tl, in a request R4, can select any other option of the dialog page 
D1AP and send this option to the external information system P for a response or 
for processing. 

[0048] Figure 4 is a representation of the process steps for an automatic log-in, 
after automatic log-in has been activated. 

[0049] In step Sl\ analogous to step Si according to Figure 3, the subscriber 
station Tl is switched on by the user and the browser is started. In step S2', a 
request Rl 1 with the access data set is automatically sent from the subscriber 
station Tl to the external information system P; in this case, in addition to the 
station identification VIN1, the access data set includes the secret hidden code 
VINl-RN. It should be noted in this regard that, if secret code VTNl-RN is absent 
(as, for example, in the case of a first log-in), the corresponding field of the access 
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data set may be vacant or contain a certain value which points to the absence of this 
secret code. 

[0050] . In a subsequent step S3\ the external information system P checks the 
received data set, particularly the parameters VINl, VINl-RN, by means of the 
subscriber list UL according to Figure 2, and determines, among other things, that 
an input is present in the corresponding field of the subscriber list UL, whereupon 
the decision is made that the automatic log-in is permissible. In the subsequent step 
S4\ the external information system P sends a corresponding log-in page LIP in a 
first response Al' to the subscriber station Tl, wherein, among other things, the 
permissible subscriber identifications Ul, U3 are listed which are indicated on the 
display unit of the subscriber station Tl. 

[0051] Because of the implemented activation of the automatic log-in, a 
supplement can be added to the subscriber identification Ul, which supplement 
prevents the user of the subscriber station Tl from being asked on the log-in page 
LIP to input the password after he has decided on the subscriber identification Ul. 
Correspondingly, a supplement can also be added to the subscriber identification U3 
which indicates that, in the case of a decision on this subscriber identification, the 
password should definitely be requested on the log-in page to be displayed. 

[0052] In the present case, the user decides in step S5' on the user identification 
Ul, specifically on that user identification for which the automatic log-in is 
installed. For this reason, the browser does not ask the user for the password Pi; 
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rather immediately after the decision on the subscriber identification Ul, it 
transmits the subscriber identification Ul in a second request R2 ? to the external 
information system p. In step S7 ! , the external information system P decides that 
the automatic log-in is permissible and successful and, in step S8\ sends a 
corresponding second response A2 ! with the already introduced dialog page D1AP 
to the subscriber station Tl. 

[0053] As described in connection with Figure 3, in step S9\ the user decides on 
a certain option of the dialog page D1AP and, by means of his browser, sends in step 
SlO' a corresponding parameter in a request R3' for a processing or responding to 
the external information system P. 

[0054] Naturally, the dialog page D1AP must also contain an option for the 
deactivation of the automatic log-in. In this context, it is expedient to introduce two 
different suboptions for the deactivation of the automatic log-in, specifically, a first 
suboption, in which automatic log-in is deactivated only for the corresponding motor 
vehicle (in the case of the above example, for the motor vehicle A with the station 
identification VTNl), as well as a second suboption in which the automatic log-in is 
removed for all vehicles registered and approved for the corresponding user. 

[0055] In contrast to the above-illustrated example, it is possible that no only a 
general code for securing the automatic log-in is assigned to a subscriber station but 
a different secret code for each user. 
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[0056] The above-described dialog is of course only used as example. Thus, the 
portion of the dialog for activating the automatic log-in may run by way of a 
different network than the radio communications network N or may run outside a 
normal session with a non-automatic log- in. Also, the secret code does not 
necessarily have to be a random code; rather it may, for example, be generated 
according to a predetermined algorithm from the station identification or in another 
manner. 

[0057] The foregoing disclosure has been set forth merely to illustrate the 
invention and is not intended to be limiting. Since modifications of the disclosed 
embodiments incorporating the spirit and substance of the invention may occur to 
persons skilled in the art, the invention should be construed to include everything 
within the scope of the appended claims and equivalents thereof. 
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